Dear all. I am trying to enable AP mode in my BPI-R2 Board and not able to make it work.
I found plenty of discussions about the AP mode on R2 board and good wiki page given by @frank-w
However, the given steps are not working straight away, required more effort to make it work and hence I would like to create a dedicated discussion for AP mode alone.
I enabled the AP mode by echo A >/dev/wmtWifi and used wifi.sh script given by Frank. I can see the WIFI name on my mobile and getting authentication problem when I am trying to connect with my R2 board. Attached my hostapd.conf file here. hostapd.conf (239 Bytes)
I am using Ubuntu 18.04. Kernel 4.14.32 precompiled kernel by Frank.
My log on the terminal is as follows,
ap0: Deauthentication callback for STA 84:cf:bf:8a:1b:ea
ap0: Removing STA 84:cf:bf:8a:1b:ea from kernel driver
nl80211: sta_remove -> DEL_STATION ap0 84:cf:bf:8a:1b:ea --> 0 (Success)
ap0: STA 84:cf:bf:8a:1b:ea MLME: MLME-DEAUTHENTICATE.indication(84:cf:bf:8a:1b:ea, 2)
ap0: STA 84:cf:bf:8a:1b:ea MLME: MLME-DELETEKEYS.request(84:cf:bf:8a:1b:ea)
wpa_driver_nl80211_set_key: ifindex=19 (ap0) alg=0 addr=0x4f5b98 key_idx=0 set_tx=1 seq_len=0 key_len=0
addr=84:cf:bf:8a:1b:ea
nl80211: Event message available
nl80211: Drv Event 20 (NL80211_CMD_DEL_STATION) received for ap0
nl80211: Delete station 84:cf:bf:8a:1b:ea
ap0: Event DISASSOC (1) received
ap0: STA 84:cf:bf:8a:1b:ea IEEE 802.11: disassociated
ap0: STA 84:cf:bf:8a:1b:ea WPA: event 2 notification
wpa_driver_nl80211_set_key: ifindex=19 (ap0) alg=0 addr=0x4f5b98 key_idx=0 set_tx=1 seq_len=0 key_len=0
addr=84:cf:bf:8a:1b:ea
WPA: 84:cf:bf:8a:1b:ea WPA_PTK entering state DISCONNECTED
WPA: 84:cf:bf:8a:1b:ea WPA_PTK entering state INITIALIZE
wpa_driver_nl80211_set_key: ifindex=19 (ap0) alg=0 addr=0x4f5b98 key_idx=0 set_tx=1 seq_len=0 key_len=0
addr=84:cf:bf:8a:1b:ea
nl80211: Set STA flags - ifname=ap0 addr=84:cf:bf:8a:1b:ea total_flags=0x0 flags_or=0x0 flags_and=0xfffffffe authorized=0
ap0: STA 84:cf:bf:8a:1b:ea IEEE 802.1X: unauthorizing port
Could not set station 84:cf:bf:8a:1b:ea flags for kernel driver (errno=11).
nl80211: sta_remove -> DEL_STATION ap0 84:cf:bf:8a:1b:ea --> 0 (Success)
ap_free_sta: cancel ap_handle_timer for 84:cf:bf:8a:1b:ea
I followed all the steps on Frank’s wiki page. But unable to make it work successfully. Any kind of help is appreciated.
Ok, I done the steps you recommend and then called wifi.sh. Still facing the same authentication problem. Full log attached here, full_log_ap.txt (27.3 KB)
I commented bridge=br-lan on my hostapd.conf file. Now I was able to cross the authentication issue. It is authenticated and trying to obtain the IP address for while. The log is here, log_ap_ip_failure.txt (16.1 KB)
I assumed, the wifi.sh script already set the IP address
I followed the steps for dnsmasq.conf & interfaces.conf and start dnsmasq on the wifi.sh script.
@Jackzeng Good work and working straight away with some minor modifications required.
I followed the instructions and confirmed that the AP mode is working fine. I have given my each steps and logs here, Howto_AP_Mode_Setup_BPI-R2.txt (11.8 KB)
Modification required :
What is “And a bridge” after "dhcpd ap0 -pf /var/run/dhcpd.pid "?.
brctl addif br wan : I am getting the error, bridge br does not exist!. “br” supposed to be “br0”
my network interface which can search internet is wan, and ip is 192.168.30.102, so I config ap0 as follows:
I assumed, you are getting internet through wan interface. So you bridge br0 & wan. I am using internet through by 4G module, wwan0 and want to distribute internet from 4G module into WIFI/Ethernet clients. Can I use, “brctl addif br0 wwan0”?. I tried. But my 4G internet is disconnected once I issued “brctl addif br0 wwan0”. Can you give me some input on how to distribute my 4G internet via this bridge?.
I was not able to get any IP address assigned when I connect my PC on 4 LAN ports. Its failed to get an IP address. I am not sure this document covered to set the IP configuration for LAN0/1/2/3 ports.
there are posts from other users saying bridging ap0 does not work, so please test first without that bridge in hostapd.conf…you can bridge lan-Ports , but hostapd/dnsmasq should listen to these interfaces (ap0,lanbr0) separately
set an ip to ap0 (or better change it in my wifi.sh)
configure range for ap0 in /etc/dnsmasq.d/
you can use same structure to run dnsmasq on lan0-lan3 / lanbr0
please do not bridge lan+wan…it is a router and it should forward traffic with firewall. bridging it will not work because your local ips cannot be used public (NAT/PAT) and if you have no local ips (multiple public like ipv6) you whole lan is available from public inet without any security
Ok, I managed to forward the internet from 4G module into WIFI as Access Point. Tested on both 4.14.x & 4.4.70 kernels. I followed this tutorial as reference, https://esther.codes/post-pi_router_story/ Given the below steps are only for reference from the above link and not a detailed steps.
You may install some packages like udhcpd, hostapd, openssl & iptables-persistent
echo A >/dev/wmtWifi
Edit the /etc/udhcpd.conf and configure IP address as per your interest. I just used “ap0” as my interface.
Enable DHCP server by editing /etc/default/udhcpd file
Configure your hostapd.conf file, /etc/hostapd/hostapd.conf
Configure ap0 interface in /etc/network/interfaces
Restart the network, /etc/init.d/networking restart
IP forward by sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
NAT enable by the following rules. Here my 4G module is connected with “wwan0”
iptables -t nat -A POSTROUTING -o wwan0 -j MASQUERADE
iptables -A FORWARD -i wwan0 -o ap0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i ap0 -o wwan0 -j ACCEPT
save the rules by sh -c "iptables-save > /etc/iptables.ipv4.nat"
service udhcpd start
hostapd -d /etc/hostapd/hostapd.conf &
dhcpd ap0 -pf /var/run/dhcpd.pid
Now you should able to access the internet by BPI-R2 WIFI Router. LAN ports are not targeting here.
If you make the forwarding-rules without ap0 you can use also lan-ports…blocking stuff have to be before this (if some ports should have no access to inet)